Make gen_pki.sh & debug_helper.sh bash8 compliant

Now that bash8 is available on PyPI we can use it to clean up the bash
scripts in Keystone. This also uses bash8 in tox. For now we can add
files to the tox check manually as we make them compliant.

Change-Id: I87a7478949114163f0614b1a6d8b249e14afe0df

1 files changed, 56 insertions, 57 deletions

diff --git a/examples/pki/gen_pki.sh b/examples/pki/gen_pki.sh
index 85369d29f..655502659 100755
--- a/examples/pki/gen_pki.sh
+++ b/examples/pki/gen_pki.sh
@@ -24,21 +24,21 @@ CMS_DIR=$CURRENT_DIR/cms
 
 
 function rm_old {
-  rm -rf $CERTS_DIR/*.pem
-  rm -rf $PRIVATE_DIR/*.pem
+    rm -rf $CERTS_DIR/*.pem
+    rm -rf $PRIVATE_DIR/*.pem
 }
 
 function cleanup {
-  rm -rf *.conf > /dev/null 2>&1
-  rm -rf index* > /dev/null 2>&1
-  rm -rf *.crt > /dev/null 2>&1
-  rm -rf newcerts > /dev/null 2>&1
-  rm -rf *.pem > /dev/null 2>&1
-  rm -rf serial* > /dev/null 2>&1
+    rm -rf *.conf > /dev/null 2>&1
+    rm -rf index* > /dev/null 2>&1
+    rm -rf *.crt > /dev/null 2>&1
+    rm -rf newcerts > /dev/null 2>&1
+    rm -rf *.pem > /dev/null 2>&1
+    rm -rf serial* > /dev/null 2>&1
 }
 
 function generate_ca_conf {
-  echo '
+    echo '
 [ req ]
 default_bits            = 2048
 default_keyfile         = cakey.pem
@@ -65,7 +65,7 @@ basicConstraints        = critical,CA:true
 }
 
 function generate_ssl_req_conf {
-  echo '
+    echo '
 [ req ]
 default_bits            = 2048
 default_keyfile         = keystonekey.pem
@@ -86,7 +86,7 @@ emailAddress            = keystone@openstack.org
 }
 
 function generate_cms_signing_req_conf {
-  echo '
+    echo '
 [ req ]
 default_bits            = 2048
 default_keyfile         = keystonekey.pem
@@ -107,7 +107,7 @@ emailAddress            = keystone@openstack.org
 }
 
 function generate_signing_conf {
-  echo '
+    echo '
 [ ca ]
 default_ca      = signing_ca
 
@@ -138,75 +138,74 @@ commonName              = supplied
 }
 
 function setup {
-  touch index.txt
-  echo '10' > serial
-  generate_ca_conf
-  mkdir newcerts
+    touch index.txt
+    echo '10' > serial
+    generate_ca_conf
+    mkdir newcerts
 }
 
 function check_error {
-  if [ $1 != 0 ] ; then
-    echo "Failed! rc=${1}"
-    echo 'Bailing ...'
-    cleanup
-    exit $1
-  else
-    echo 'Done'
-  fi
+    if [ $1 != 0 ] ; then
+        echo "Failed! rc=${1}"
+        echo 'Bailing ...'
+        cleanup
+        exit $1
+    else
+        echo 'Done'
+    fi
 }
 
 function generate_ca {
-  echo 'Generating New CA Certificate ...'
-  openssl req -x509 -newkey rsa:2048 -days 21360 -out $CERTS_DIR/cacert.pem -keyout $PRIVATE_DIR/cakey.pem -outform PEM -config ca.conf -nodes
-  check_error $?
+    echo 'Generating New CA Certificate ...'
+    openssl req -x509 -newkey rsa:2048 -days 21360 -out $CERTS_DIR/cacert.pem -keyout $PRIVATE_DIR/cakey.pem -outform PEM -config ca.conf -nodes
+    check_error $?
 }
 
 function ssl_cert_req {
-  echo 'Generating SSL Certificate Request ...'
-  generate_ssl_req_conf
-  openssl req -newkey rsa:2048 -keyout $PRIVATE_DIR/ssl_key.pem -keyform PEM -out ssl_req.pem -outform PEM -config ssl_req.conf -nodes
-  check_error $?
-  #openssl req -in req.pem -text -noout
+    echo 'Generating SSL Certificate Request ...'
+    generate_ssl_req_conf
+    openssl req -newkey rsa:2048 -keyout $PRIVATE_DIR/ssl_key.pem -keyform PEM -out ssl_req.pem -outform PEM -config ssl_req.conf -nodes
+    check_error $?
+    #openssl req -in req.pem -text -noout
 }
 
 function cms_signing_cert_req {
-  echo 'Generating CMS Signing Certificate Request ...'
-  generate_cms_signing_req_conf
-  openssl req -newkey rsa:2048 -keyout $PRIVATE_DIR/signing_key.pem -keyform PEM -out cms_signing_req.pem -outform PEM -config cms_signing_req.conf -nodes
-  check_error $?
-  #openssl req -in req.pem -text -noout
+    echo 'Generating CMS Signing Certificate Request ...'
+    generate_cms_signing_req_conf
+    openssl req -newkey rsa:2048 -keyout $PRIVATE_DIR/signing_key.pem -keyform PEM -out cms_signing_req.pem -outform PEM -config cms_signing_req.conf -nodes
+    check_error $?
+    #openssl req -in req.pem -text -noout
 }
 
 function issue_certs {
-  generate_signing_conf
-  echo 'Issuing SSL Certificate ...'
-  openssl ca -in ssl_req.pem -config signing.conf -batch
-  check_error $?
-  openssl x509 -in $CURRENT_DIR/newcerts/10.pem -out $CERTS_DIR/ssl_cert.pem
-  check_error $?
-  echo 'Issuing CMS Signing Certificate ...'
-  openssl ca -in cms_signing_req.pem -config signing.conf -batch
-  check_error $?
-  openssl x509 -in $CURRENT_DIR/newcerts/11.pem -out $CERTS_DIR/signing_cert.pem
-  check_error $?
+    generate_signing_conf
+    echo 'Issuing SSL Certificate ...'
+    openssl ca -in ssl_req.pem -config signing.conf -batch
+    check_error $?
+    openssl x509 -in $CURRENT_DIR/newcerts/10.pem -out $CERTS_DIR/ssl_cert.pem
+    check_error $?
+    echo 'Issuing CMS Signing Certificate ...'
+    openssl ca -in cms_signing_req.pem -config signing.conf -batch
+    check_error $?
+    openssl x509 -in $CURRENT_DIR/newcerts/11.pem -out $CERTS_DIR/signing_cert.pem
+    check_error $?
 }
 
 function create_middleware_cert {
-  cp $CERTS_DIR/ssl_cert.pem $CERTS_DIR/middleware.pem
-  cat $PRIVATE_DIR/ssl_key.pem >> $CERTS_DIR/middleware.pem
+    cp $CERTS_DIR/ssl_cert.pem $CERTS_DIR/middleware.pem
+    cat $PRIVATE_DIR/ssl_key.pem >> $CERTS_DIR/middleware.pem
 }
 
 function check_openssl {
-  echo 'Checking openssl availability ...'
-  which openssl
-  check_error $?
+    echo 'Checking openssl availability ...'
+    which openssl
+    check_error $?
 }
 
 function gen_sample_cms {
-  for json_file in "${CMS_DIR}/auth_token_revoked.json" "${CMS_DIR}/auth_token_unscoped.json" "${CMS_DIR}/auth_token_scoped.json" "${CMS_DIR}/revocation_list.json"
-  do
-    openssl cms -sign -in $json_file -nosmimecap -signer $CERTS_DIR/signing_cert.pem -inkey $PRIVATE_DIR/signing_key.pem -outform PEM -nodetach -nocerts -noattr -out ${json_file/.json/.pem}
-  done
+    for json_file in "${CMS_DIR}/auth_token_revoked.json" "${CMS_DIR}/auth_token_unscoped.json" "${CMS_DIR}/auth_token_scoped.json" "${CMS_DIR}/revocation_list.json"; do
+        openssl cms -sign -in $json_file -nosmimecap -signer $CERTS_DIR/signing_cert.pem -inkey $PRIVATE_DIR/signing_key.pem -outform PEM -nodetach -nocerts -noattr -out ${json_file/.json/.pem}
+    done
 }
 
 check_openssl